HomeForumsGeneral Discussion

IPS/IDS for heavy content site

Tue, 02/05/2008 - 04:40 — rjanakan

All,

My site would have heavy content (video/pictures). I'm looking for an efficient IPS/IDS solution which would not introduce much of latency. I'm more familiar with Cisco ASA and also familiar with Juniper, Foundry and others. I also came across snort but haven't used it before. I'm more of looking for an appliance (for the ease of configuration,support etc...)
Could any one share their thoughts on performane of IPS/IDS from this vendors?
Thanks!
Janakan Rajendran

‹ limit on the number of databases open Tracking usage of public resources - throttling accesses per hour ›
  • 1243 reads
Wed, 02/06/2008 - 01:52 — atif.ghaffar
atif.ghaffar's picture

Re: IPS/IDS for heavy content site

Hi Janakan,

As you are looking for a commercial provider, this might be good for you.
They provide you also for insurance
http://www.iris-solution.com/

best regards

Thu, 02/14/2008 - 17:10 — rjanakan

Re: IPS/IDS for heavy content site

Atif,

Thank you for response. I'm looking for a security solution that would be managed internally. Is there any recommendation among Cisco, Juniper, Checkpoint and other providers?

Thu, 02/14/2008 - 23:08 — atif.ghaffar
atif.ghaffar's picture

Re: IPS/IDS for heavy content site

Janakan,

sorry no. havent experience with them.

What kind of threats are you expecting against your site?

What is the webserver that you are running?

You can buy an appliance for Breach Security or implement mod_security if you are using apache on your front ends. http://www.breach.com/

Nothing really beats a if not intval(id) die "Bye. Id must be an integer"; but that might me a topic of another discussion.

best regards.

Sun, 02/17/2008 - 03:56 — rjanakan

Re: IPS/IDS for heavy content site

Atif,

Thanks again for your reply. I have apache in the front and I'm worried about DoS and all other common attacks. Breach seems to be interesting and I'd have a look at it.
Thanks again!
Regards,
Janakan Rajendran

Mon, 02/18/2008 - 17:51 — Anonymous (not verified)

Re: IPS/IDS for heavy content site

Hi Janakan,

I would take a look at NetScaler loadbalancer (Application Accelerator). NetScaler have DoS protection features as well as Application firewall capabilities on top of being a top of the line loadbalancer.

regards,
henrik

Wed, 02/20/2008 - 01:16 — atif.ghaffar
atif.ghaffar's picture

Re: IPS/IDS for heavy content site

My $0.2.

I would advice against going with a product that can do X and Y.
When X breaks you cannot bypass temporarily all traffic to Y.

Wed, 02/20/2008 - 21:30 — Anonymous (not verified)

Re: IPS/IDS for heavy content site

Probably you don't need any. Realy, no joking.

Thu, 02/21/2008 - 19:05 — rjanakan

Re: IPS/IDS for heavy content site

Thank you for all your replies!
My idea is to have something,

1. That will secure the servers
2. Cost-effective
3. Less effort to setup
4. Good support from Vendor

Based on that, I have breach and netscaler (it has a loadbalancer too-that's nice!). Hope I'd be able use any one of those.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd><div ?=?><p ?=?> <img ?=?><h1 ?=?><h2 ?=?><h3 ?=?>
  • Lines and paragraphs break automatically.
  • Glossary terms will be automatically marked with links to their descriptions
  • You may link to webpages through the weblinks registry

More information about formatting options

To combat spam, please enter the code in the image.